x0rz @x0rz@mastodon.social
Security Researcher & Cyber Observer (pgp: 0xdd1190a656721c4a) ㊙
Tweets are automatically forwarded from https://twitter.com/x0rz
Linux and Android are not doing that great at HTTPS (probably because there's a lot of deprecated versions still running) https://transparencyreport.google.com/https/overview https://t.co/4yUmda02EN
This is really impressive 🤓
Unreal Engine: Reflections Real-Time Ray Tracing Demo
https://www.youtube.com/watch?time_continue=2&v=J3ue35ago3Y
Getting closer each day from that dystopian future. Thanks Amazon? https://motherboard.vice.com/en_us/article/3k4dq5/amazon-rekognition-facial-recognition-cops-body-cameras #privacy #DontBeEvil
Hey @eff, now that the "FUD-clickbait-embargo" period is over, could you update that? https://ssd.eff.org/en/module/how-use-pgp-windows https://t.co/XitvQpEtKG
Another case of remote car compromise (GSM to CAN bus RCE): Security Assessment of BMW Cars by @keen_lab https://keenlab.tencent.com/en/Experimental_Security_Assessment_of_BMW_Cars_by_KeenLab.pdf (PDF) #carhacking https://t.co/ojyI3pnvRu
I uploaded the slides of the talk about 'Hacking Back' I gave at @EsieaSecEdit https://blog.0day.rocks/current-state-of-hacking-back-76a7bdaa0248
LKM Linux rootkit & backdoor (works on 2.6.x/3.x/4.x) https://github.com/f0rb1dd3n/Reptile #linux #rootkit https://t.co/crBUPx8zFM
$36k Google App Engine RCE https://sites.google.com/site/testsitehacking/-36k-google-app-engine-rce #bugbounty #vulnerability
Almost like that Windows XP wallpaper 😎 https://t.co/fSILRilT25
In the vines, Bourgogne, France 🇫🇷 https://t.co/dZhm6xpIPy
Dell SupportAssist driver vuln to SYSTEM local privilege escalation https://hatriot.github.io/blog/2018/05/17/dell-supportassist-local-privilege-escalation/ + PoC https://github.com/hatRiot/bugs/blob/master/dell-support-assist/dell-sa-lpe.cpp #vulnerability #windows #dell #privesc
An introduction to secure Android application development https://dl.packetstormsecurity.net/papers/general/The_Grey_Matter_of_Securing_Android_Applications_v1.0.pdf (PDF) #android #security #vulnerability #hardening
FWIW, French #DGSE is now on YouTube (looks like a recruiting campaign aimed at infosec/comsec/IT people) https://www.youtube.com/watch?v=AZrn7NGOMJM
The effect of political polarization, also why propaganda works both ways (source: https://www.reddit.com/r/dataisbeautiful/comments/8k3z1i/this_is_not_normal_voting_patterns_of_every/) https://t.co/uSV9pCmzO5
If you like debunking fake videos, be sure to subscribe to @cdisillusion YT channel 👍 https://www.youtube.com/watch?v=-NPmBkYb_mY
I think this is precisely the reason why TLP RED / AMBER exist
About hacking back (re: ZooPark dump), IMO Kaspersky failed to protect the victims here, burning a *working* C2 containing victims data is careless https://t.co/hVI1oGMNYK
MFW a mobile geolocation provider gets breached #Securus https://t.co/IC8M2qhGMJ
Tips on how to pivot through WinRM 👌 https://pentestlab.blog/2018/05/15/lateral-movement-winrm/ #redteam #windows #lateral #pivoting
Soooooo... some random internal CIA project was on GitHub and went unnoticed for months. Wow, what else is there to find? #Vault7 #OSINT https://www.thedailybeast.com/exclusive-cia-leaker-josh-schulte-posted-agency-code-onlineand-cia-never-noticed
